Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New doc: Configure OIDC web authentication #30647

Closed
damienbod opened this issue Oct 11, 2023 · 5 comments · Fixed by #33908
Closed

New doc: Configure OIDC web authentication #30647

damienbod opened this issue Oct 11, 2023 · 5 comments · Fixed by #33908
Assignees
@Rick-Anderson
Labels
doc-idea seQUESTered Identifies that an issue has been imported into Quest.

Comments

@damienbod
Copy link
Contributor

damienbod commented Oct 11, 2023
edited by Rick-Anderson
Loading

@Rick-Anderson EDIT fixed by #33908 and @halter73 owns the review
EDIT related issue #33877
I would like to create a new doc in the Security and Identity, Authentication area.

Menu: Configure OIDC web authentication

Page Title: Configure OpenID Connect Web (UI) authentication in ASP.NET Core

Sub sections
• Overview
• What is an OpenID Connect confidential interactive client
• Create an OpenID Connect client in ASP.NET Core
• Examples with code snippets
• Using third party provider clients
• Backend for frontend (BFF) security architecture
• Advanced features, standards, extending the OIDC client

@RickAndMSFT @blowdart @JeremyLikness @kevinchalet

What do you think?

Associated WorkItem - 330548
@damienbod
Copy link
Contributor Author

ping?

@kevinchalet
Copy link
Contributor

@damienbod woops, looks like I missed the first ping, sorry 😅

That would definitely be a nice-to-have doc' and AFAICT by looking at the TOC, most of the interesting aspects already seem to be listed 👍🏻

For the Using third party provider clients part, may I suggest mentioning the OpenIddict client? With its ~60 web providers, it's now a better option than the aspnet-contrib providers (specially for services that implement OpenID Connect, as the aspnet-contrib providers don't implement the full OIDC validation logic, unlike the OpenIddict client).

/cc @bradygaster: you may be interested as it seems related to dotnet/aspnetcore#42192.

@Rick-Anderson
Copy link
Contributor

@RickAndMSFT @blowdart @JeremyLikness @kevinchalet

What do you think?

Oops, I don't monitor @RickAndMSFT, just @Rick-Anderson
We'd love to have some help. @JeremyLikness should respond soon

@JeremyLikness
Copy link
Member

@damienbod this would be a great topic. I love the proposed outline. I'd like to loop in @halter73 as our identity-focused engineer in case he has any thoughts and wants to be involved in review/development.

@guardrex guardrex mentioned this issue Nov 22, 2023
Closed
@Rhywden
Copy link

Rhywden commented Nov 22, 2023

Yeah, I ran into this in #31082 where the previously working (in .NET7 Blazor) RedirectUri https://foo/ was just fine but got flagged by the antiforgery middleware if it wasn't set to include the magic string https://foo/signin-oidc
After Github Copilot rode to my rescue with regards to the signin-oidc everything seems to work. Didn't look yet at whether the requested scopes / role-assignments get passed, though.

@damienbod damienbod mentioned this issue Oct 19, 2024
Open
@Rick-Anderson Rick-Anderson self-assigned this Oct 21, 2024
@damienbod damienbod mentioned this issue Oct 23, 2024
Merged
@Rick-Anderson Rick-Anderson moved this from 🔖 Ready to 👀 In review in dotnet/AspNetCore.Docs October 2024 sprint Oct 23, 2024
@Rick-Anderson Rick-Anderson added reQUEST Triggers an issue to be imported into Quest doc-idea labels Oct 23, 2024
@sequestor sequestor bot added seQUESTered Identifies that an issue has been imported into Quest. and removed reQUEST Triggers an issue to be imported into Quest labels Oct 24, 2024
@Rick-Anderson Rick-Anderson moved this from 🔖 Ready to 👀 In review in dotnet/AspNetCore.Docs November 2024 sprint Nov 5, 2024
@github-project-automation github-project-automation bot moved this from 👀 In review to ✅ Done in dotnet/AspNetCore.Docs November 2024 sprint Nov 18, 2024
@dotnetrepoman dotnetrepoman bot added mapQuest clean move and removed mapQuest clean move labels Nov 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Rick-Anderson Rick-Anderson

Labels
doc-idea seQUESTered Identifies that an issue has been imported into Quest.
Projects
dotnet/AspNetCore.Docs November 2024 sprint
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

ASP.NET Core OpenID Connect: Configure OIDC web authentication damienbod/dotnet-AspNetCore.Docs
5 participants
@Rhywden @damienbod @Rick-Anderson @JeremyLikness @kevinchalet